NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
Agency encourages broader use of encryption, data-loss prevention, and data rights management to safeguard data, networks, and users.
The National Security Agency has published its latest guidance for organizations interested in moving toward a zero-trust cybersecurity framework, with a particular focus on stopping unauthorized access to data both in transit and in storage.
NSA recommendations include the use of encryption, tagging, labeling, data-loss prevention strategies, and data rights management tools. The NSA suggestions are intentionally aligned with zero-trust frameworks to help government agencies and enterprises defend against increasingly sophisticated cyberattacks.
"Malicious cyber actors continuously increase their ability to infiltrate networks and gain access to sensitive data," Dave Luber, the NSA's director of cybersecurity, said in a statement about the latest round of NSA zero-trust advisories. "Assuming that breaches will occur, implementing the pillars of the zero-trust framework is how we combat that activity."
This focus on what the NSA in its report calls the "data pillar" is the continuation of the agency's development of zero-trust best practices, begun when it first released "Embracing a Zero Trust Security Model" in February 2021.
Just last month, the NSA updated its guidelines for implementing zero trust, which drew a distinction between macro- and microsegmentation of networks. Macrosegmentation is intended for workgroups and departments; microsegmentation separates traffic even further so that not all users have the same access rights, a bid to reduce an organization's attack surface.